From: Gleb Natapov <gleb@redhat.com>
To: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
qemu-devel@nongnu.org, Avi Kivity <avi@redhat.com>,
Anthony Liguori <anthony@codemonkey.ws>,
Jan Kiszka <jan.kiszka@siemens.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [Qemu-devel] [patch v4 09/16] memory: introduce mmio request pending to anti nested DMA
Date: Tue, 23 Oct 2012 14:38:21 +0200 [thread overview]
Message-ID: <20121023123821.GA29310@redhat.com> (raw)
In-Reply-To: <1350897839-29593-10-git-send-email-pingfank@linux.vnet.ibm.com>
On Mon, Oct 22, 2012 at 05:23:52PM +0800, Liu Ping Fan wrote:
> Rejecting the nested mmio request which does not aim at RAM, so we
> can avoid the potential deadlock caused by the random lock sequence
> of two device's local lock.
>
> Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
> ---
> cpus.c | 14 ++++++++++++++
> exec.c | 50 ++++++++++++++++++++++++++++++++++++--------------
> hw/hw.h | 1 +
> kvm-all.c | 2 ++
> qemu-thread-posix.h | 3 +++
> qemu-thread.h | 2 ++
> 6 files changed, 58 insertions(+), 14 deletions(-)
>
> diff --git a/cpus.c b/cpus.c
> index 4cd7f85..365a512 100644
> --- a/cpus.c
> +++ b/cpus.c
> @@ -729,6 +729,18 @@ static void qemu_kvm_wait_io_event(CPUArchState *env)
> qemu_wait_io_event_common(env);
> }
>
> +int get_context_type(void)
> +{
> + QemuThread *t = pthread_getspecific(qemu_thread_key);
> + return t->context_type;
> +}
> +
You defined the function but not use it.
What 0/1 context_type means?
> +void set_context_type(int type)
> +{
> + QemuThread *t = pthread_getspecific(qemu_thread_key);
> + t->context_type = type;
> +}
> +
> static void *qemu_kvm_cpu_thread_fn(void *arg)
> {
> CPUArchState *env = arg;
> @@ -736,6 +748,8 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
> int r;
>
> pthread_setspecific(qemu_thread_key, cpu->thread);
> + set_context_type(0);
> +
> qemu_mutex_lock(&qemu_global_mutex);
> qemu_thread_get_self(cpu->thread);
> env->thread_id = qemu_get_thread_id();
> diff --git a/exec.c b/exec.c
> index 91b859b..a0327a1 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -3490,7 +3490,9 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> uint32_t val;
> target_phys_addr_t page;
> MemoryRegionSection *section, obj_mrs;
> - int safe_ref;
> + int safe_ref, nested_dma = 0;
> + QemuThread *thread = pthread_getspecific(qemu_thread_key);
> + int context = thread->context_type;
>
> while (len > 0) {
> page = addr & TARGET_PAGE_MASK;
> @@ -3500,7 +3502,8 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> qemu_mutex_lock(&mem_map_lock);
> safe_ref = phys_page_lookup(page, &obj_mrs);
> qemu_mutex_unlock(&mem_map_lock);
> - if (safe_ref == 0) {
> +
> + if (safe_ref == 0 && context == 1) {
> qemu_mutex_lock_iothread();
> qemu_mutex_lock(&mem_map_lock);
> /* At the 2nd try, mem map can change, so need to judge it again */
> @@ -3511,7 +3514,9 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> }
> }
> section = &obj_mrs;
> -
> + if (context == 1) {
> + nested_dma = thread->mmio_request_pending++ > 1 ? 1 : 0;
> + }
> if (is_write) {
> if (!memory_region_is_ram(section->mr)) {
> target_phys_addr_t addr1;
> @@ -3521,17 +3526,23 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> if (l >= 4 && ((addr1 & 3) == 0)) {
> /* 32 bit write access */
> val = ldl_p(buf);
> - io_mem_write(section->mr, addr1, val, 4);
> + if (!nested_dma) {
> + io_mem_write(section->mr, addr1, val, 4);
> + }
> l = 4;
> } else if (l >= 2 && ((addr1 & 1) == 0)) {
> /* 16 bit write access */
> val = lduw_p(buf);
> - io_mem_write(section->mr, addr1, val, 2);
> + if (!nested_dma) {
> + io_mem_write(section->mr, addr1, val, 2);
> + }
> l = 2;
> } else {
> /* 8 bit write access */
> val = ldub_p(buf);
> - io_mem_write(section->mr, addr1, val, 1);
> + if (!nested_dma) {
> + io_mem_write(section->mr, addr1, val, 1);
> + }
> l = 1;
> }
> } else if (!section->readonly) {
> @@ -3552,24 +3563,31 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> }
> } else {
> if (!(memory_region_is_ram(section->mr) ||
> - memory_region_is_romd(section->mr))) {
> + memory_region_is_romd(section->mr)) &&
> + !nested_dma) {
> target_phys_addr_t addr1;
> /* I/O case */
> addr1 = memory_region_section_addr(section, addr);
> if (l >= 4 && ((addr1 & 3) == 0)) {
> /* 32 bit read access */
> - val = io_mem_read(section->mr, addr1, 4);
> - stl_p(buf, val);
> + if (!nested_dma) {
> + val = io_mem_read(section->mr, addr1, 4);
> + stl_p(buf, val);
> + }
> l = 4;
> } else if (l >= 2 && ((addr1 & 1) == 0)) {
> /* 16 bit read access */
> - val = io_mem_read(section->mr, addr1, 2);
> - stw_p(buf, val);
> + if (!nested_dma) {
> + val = io_mem_read(section->mr, addr1, 2);
> + stw_p(buf, val);
> + }
> l = 2;
> } else {
> /* 8 bit read access */
> - val = io_mem_read(section->mr, addr1, 1);
> - stb_p(buf, val);
> + if (!nested_dma) {
> + val = io_mem_read(section->mr, addr1, 1);
> + stb_p(buf, val);
> + }
> l = 1;
> }
> } else {
> @@ -3586,7 +3604,11 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,
> len -= l;
> buf += l;
> addr += l;
> - if (safe_ref == 0) {
> +
> + if (context == 1) {
> + thread->mmio_request_pending--;
> + }
> + if (safe_ref == 0 && context == 1) {
> qemu_mutex_unlock_iothread();
> }
> }
> diff --git a/hw/hw.h b/hw/hw.h
> index e5cb9bf..935b045 100644
> --- a/hw/hw.h
> +++ b/hw/hw.h
> @@ -12,6 +12,7 @@
> #include "irq.h"
> #include "qemu-file.h"
> #include "vmstate.h"
> +#include "qemu-thread.h"
>
> #ifdef NEED_CPU_H
> #if TARGET_LONG_BITS == 64
> diff --git a/kvm-all.c b/kvm-all.c
> index 34b02c1..b3fa597 100644
> --- a/kvm-all.c
> +++ b/kvm-all.c
> @@ -1562,10 +1562,12 @@ int kvm_cpu_exec(CPUArchState *env)
> break;
> case KVM_EXIT_MMIO:
> DPRINTF("handle_mmio\n");
> + set_context_type(1);
> cpu_physical_memory_rw(run->mmio.phys_addr,
> run->mmio.data,
> run->mmio.len,
> run->mmio.is_write);
> + set_context_type(0);
> ret = 0;
> break;
> case KVM_EXIT_IRQ_WINDOW_OPEN:
> diff --git a/qemu-thread-posix.h b/qemu-thread-posix.h
> index 2607b1c..9fcc6f8 100644
> --- a/qemu-thread-posix.h
> +++ b/qemu-thread-posix.h
> @@ -12,6 +12,9 @@ struct QemuCond {
>
> struct QemuThread {
> pthread_t thread;
> + /* 0 clean; 1 mmio; 2 io */
> + int context_type;
> + int mmio_request_pending;
> };
>
> extern pthread_key_t qemu_thread_key;
> diff --git a/qemu-thread.h b/qemu-thread.h
> index 4a6427d..88eaf94 100644
> --- a/qemu-thread.h
> +++ b/qemu-thread.h
> @@ -45,6 +45,8 @@ void *qemu_thread_join(QemuThread *thread);
> void qemu_thread_get_self(QemuThread *thread);
> bool qemu_thread_is_self(QemuThread *thread);
> void qemu_thread_exit(void *retval);
> +int get_context_type(void);
> +void set_context_type(int type);
>
> void qemu_thread_key_create(void);
> #endif
> --
> 1.7.4.4
>
--
Gleb.
next prev parent reply other threads:[~2012-10-23 12:38 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-22 9:23 [Qemu-devel] [patch v4 00/16] push mmio dispatch out of big lock Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 01/16] atomic: introduce atomic operations Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 02/16] qom: apply atomic on object's refcount Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 03/16] hotplug: introduce qdev_unplug_complete() to remove device from views Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 04/16] pci: remove pci device from mem view when unplug Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 05/16] memory: introduce ref, unref interface for MemoryRegionOps Liu Ping Fan
2012-10-22 9:38 ` Avi Kivity
2012-10-23 11:51 ` Paolo Bonzini
2012-10-23 11:55 ` Avi Kivity
2012-10-23 11:57 ` Paolo Bonzini
2012-10-23 12:02 ` Avi Kivity
2012-10-23 12:06 ` Paolo Bonzini
2012-10-23 12:15 ` Avi Kivity
2012-10-23 12:32 ` Paolo Bonzini
2012-10-23 14:49 ` Avi Kivity
2012-10-23 15:26 ` Paolo Bonzini
2012-10-23 16:09 ` Avi Kivity
2012-10-24 7:29 ` Paolo Bonzini
2012-10-25 16:28 ` Avi Kivity
2012-10-26 15:05 ` Paolo Bonzini
2012-10-23 12:04 ` Jan Kiszka
2012-10-23 12:12 ` Paolo Bonzini
2012-10-23 12:16 ` Jan Kiszka
2012-10-23 12:28 ` Avi Kivity
2012-10-23 12:40 ` Jan Kiszka
2012-10-23 14:37 ` Avi Kivity
2012-10-22 9:23 ` [Qemu-devel] [patch v4 06/16] memory: document ref, unref interface Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 07/16] memory: make mmio dispatch able to be out of biglock Liu Ping Fan
2012-10-23 12:12 ` Jan Kiszka
2012-10-23 12:36 ` Avi Kivity
2012-10-24 6:31 ` liu ping fan
2012-10-24 6:56 ` liu ping fan
2012-10-25 8:57 ` Avi Kivity
2012-10-22 9:23 ` [Qemu-devel] [patch v4 08/16] QemuThread: make QemuThread as tls to store extra info Liu Ping Fan
2012-10-22 9:30 ` Jan Kiszka
2012-10-22 17:13 ` Peter Maydell
2012-10-23 5:58 ` liu ping fan
2012-10-23 11:48 ` Paolo Bonzini
2012-10-23 11:50 ` Peter Maydell
2012-10-23 11:51 ` Jan Kiszka
2012-10-23 12:00 ` Paolo Bonzini
2012-10-23 12:27 ` Peter Maydell
2012-11-18 10:02 ` Brad Smith
2012-11-18 16:14 ` Paolo Bonzini
2012-11-18 16:15 ` Paolo Bonzini
2012-10-22 9:23 ` [Qemu-devel] [patch v4 09/16] memory: introduce mmio request pending to anti nested DMA Liu Ping Fan
2012-10-22 10:28 ` Avi Kivity
2012-10-23 12:38 ` Gleb Natapov [this message]
2012-10-24 6:31 ` liu ping fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 10/16] memory: introduce lock ops for MemoryRegionOps Liu Ping Fan
2012-10-22 10:30 ` Avi Kivity
2012-10-23 5:53 ` liu ping fan
2012-10-23 8:53 ` Jan Kiszka
2012-10-22 9:23 ` [Qemu-devel] [patch v4 11/16] vcpu: push mmio dispatcher out of big lock Liu Ping Fan
2012-10-22 10:31 ` Avi Kivity
2012-10-22 10:36 ` Jan Kiszka
2012-10-22 9:23 ` [Qemu-devel] [patch v4 12/16] e1000: apply fine lock on e1000 Liu Ping Fan
2012-10-22 10:37 ` Avi Kivity
2012-10-23 9:04 ` Jan Kiszka
2012-10-24 6:31 ` liu ping fan
2012-10-24 7:17 ` Jan Kiszka
2012-10-25 9:01 ` Avi Kivity
2012-10-25 9:31 ` Jan Kiszka
2012-10-25 16:21 ` Avi Kivity
2012-10-25 16:39 ` Jan Kiszka
2012-10-25 17:02 ` Avi Kivity
2012-10-25 18:48 ` Jan Kiszka
2012-10-29 5:24 ` liu ping fan
2012-10-24 7:29 ` liu ping fan
2012-10-25 13:34 ` Jan Kiszka
2012-10-25 16:23 ` Avi Kivity
2012-10-25 16:41 ` Jan Kiszka
2012-10-25 17:03 ` Avi Kivity
2012-10-29 5:24 ` liu ping fan
2012-10-31 7:03 ` Jan Kiszka
2012-10-22 9:23 ` [Qemu-devel] [patch v4 13/16] e1000: add busy flag to anti broken device state Liu Ping Fan
2012-10-22 10:40 ` Avi Kivity
2012-10-23 5:52 ` liu ping fan
2012-10-23 9:06 ` Avi Kivity
2012-10-23 9:07 ` Jan Kiszka
2012-10-23 9:32 ` liu ping fan
2012-10-23 9:37 ` Avi Kivity
2012-10-24 6:36 ` liu ping fan
2012-10-25 8:55 ` Avi Kivity
2012-10-25 9:00 ` Peter Maydell
2012-10-25 9:04 ` Avi Kivity
2012-10-26 3:05 ` liu ping fan
2012-10-26 3:08 ` liu ping fan
2012-10-26 10:25 ` Jan Kiszka
2012-10-29 5:24 ` liu ping fan
2012-10-29 7:50 ` Peter Maydell
2012-10-22 9:23 ` [Qemu-devel] [patch v4 14/16] qdev: introduce stopping state Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 15/16] e1000: introduce unmap() to fix unplug issue Liu Ping Fan
2012-10-22 9:23 ` [Qemu-devel] [patch v4 16/16] e1000: implement MemoryRegionOps's ref&lock interface Liu Ping Fan
2012-10-25 14:04 ` [Qemu-devel] [patch v4 00/16] push mmio dispatch out of big lock Peter Maydell
2012-10-25 16:44 ` Jan Kiszka
2012-10-25 17:07 ` Avi Kivity
2012-10-25 17:13 ` Peter Maydell
2012-10-25 18:13 ` Marcelo Tosatti
2012-10-25 19:00 ` Jan Kiszka
2012-10-25 19:06 ` Peter Maydell
2012-10-29 15:24 ` Avi Kivity
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121023123821.GA29310@redhat.com \
--to=gleb@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=avi@redhat.com \
--cc=jan.kiszka@siemens.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=pingfank@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.